[Qgis-developer] Working on Postgres provider PKI authentication support

Stefan Keller sfkeller at gmail.com
Mon Jan 25 17:14:38 PST 2016 

Hi,

I have a similar issue regarding authentication and authorization:
We're a part of a Swiss university network which uses partially Portal
for ArcGIS and I'm trying to integrate QGIS to this.
Now they implemented Shibboleth [1] which initially was not made for services...
But since we're the authors of ArcGIS REST API Connector [2] I see a
chance to integrate.
Any solution path for QGIS in order to get secure access to
WMS/WFS/ArcGIS_REST would be appreciated.

:Stefan

P.S. Matthias: We eventually can meet at QGIS-CH GV tomorrow in Olten?

[1] https://doc.arcgis.com/en/arcgis-online/reference/configure-shibboleth.htm
[2] http://plugins.qgis.org/plugins/connector/


2016-01-21 19:37 GMT+01:00 Luigi Pirelli <luipir at gmail.com>:
> Hi Mathias
>
> I wrote a new not integrating it in test_provider_postgres.py because
> it's setup is based on a "standard" db
>
> I/we can do two things
>
> 1) use this containers as test suite also for generic postgres
> provider giving less strict connection control (in this moment my
> container allow only certified connections) => in this way I can
> integrate the test inside test_provier_postgres.py
>
> 2) add the container in the trevis suite and leave the test is a separate test
>
> btw I don't have "power" or knowledge on QGIS Trevis configuration/setup
>
> my actual simple test code is here  (to see the code do compare):
>
> https://github.com/boundlessgeo/qgis/tree/postgis-pki-conntest
>
> I also added a configured qgis-auth.db (only with "Fra" user cert) in
> the test data set.
>
> the test would be adapted to be more generic in case of docker-machine
> containers (OSX and Win)
>
> cheers
> Luigi Pirelli
>
> **************************************************************************************************
> * Boundless QGIS Support/Development: lpirelli AT boundlessgeo DOT com
> * LinkedIn: https://www.linkedin.com/in/luigipirelli
> * Stackexchange: http://gis.stackexchange.com/users/19667/luigi-pirelli
> * GitHub: https://github.com/luipir
> * Mastering QGIS:
> https://www.packtpub.com/application-development/mastering-qgis
> **************************************************************************************************
>
>
> On 11 January 2016 at 19:58, Matthias Kuhn <matthias at opengis.ch> wrote:
>> Hi Luigi,
>>
>> Would it make sense to start such a container on travis and run some
>> checks against it from the test suite?
>> This would allow for a very quick feedback if somebody cuts the wrong wire.
>>
>> Best regards,
>> Matthias
>>
>> On 01/11/2016 07:43 PM, Luigi Pirelli wrote:
>>> Hi SebDieBln (I've no your email)
>>>
>>> I'm working for Boundless to add PKI authentication to postgres
>>> provider. I see you did some work on it:
>>> https://github.com/qgis/QGIS/pull/2473
>>>
>>> This email is to share some instruments I did to allow a environmental
>>> testing. I hope are useful for you and for all the community.
>>>
>>> I'm developing qgis patches here (<- sorry SebDieBln ;) )
>>> https://github.com/luipir/qgis/tree/postgis-pki
>>>
>>> To allow a better testing env (integration test not unit test) I
>>> prepared some docker data containers on the top of tim's
>>> kartoza/postgis docker.
>>> These containers allow to run a postgis container configured to accept
>>> certified connections using test certs in:
>>> https://github.com/qgis/QGIS/tree/master/tests/testdata/auth_system/certs_keys
>>>
>>> You can find this containers here (sorry again ;) )
>>> https://github.com/luipir/Postgis-pki-datacontainers
>>>
>>> eventually you can use this container to setup a certified connection
>>> for you db manager patches.
>>>
>>> Luigi Pirelli
>>>
>>> **************************************************************************************************
>>> * Boundless QGIS Support/Development: lpirelli AT boundlessgeo DOT com
>>> * LinkedIn: https://www.linkedin.com/in/luigipirelli
>>> * Stackexchange: http://gis.stackexchange.com/users/19667/luigi-pirelli
>>> * GitHub: https://github.com/luipir
>>> * Mastering QGIS:
>>> https://www.packtpub.com/application-development/mastering-qgis
>>> **************************************************************************************************
>>> _______________________________________________
>>> Qgis-developer mailing list
>>> Qgis-developer at lists.osgeo.org
>>> List info: http://lists.osgeo.org/mailman/listinfo/qgis-developer
>>> Unsubscribe: http://lists.osgeo.org/mailman/listinfo/qgis-developer
>>
>> --
>> Matthias Kuhn
>> OPENGIS.ch - https://www.opengis.ch
>> Spatial • (Q)GIS • PostGIS • Open Source
>>
>>
>>
>> _______________________________________________
>> Qgis-developer mailing list
>> Qgis-developer at lists.osgeo.org
>> List info: http://lists.osgeo.org/mailman/listinfo/qgis-developer
>> Unsubscribe: http://lists.osgeo.org/mailman/listinfo/qgis-developer
> _______________________________________________
> Qgis-developer mailing list
> Qgis-developer at lists.osgeo.org
> List info: http://lists.osgeo.org/mailman/listinfo/qgis-developer
> Unsubscribe: http://lists.osgeo.org/mailman/listinfo/qgis-developer

More information about the Qgis-developer mailing list